Many domains pointing to same public address for certificate issuance

Hi Team,

I am thinking of using Let’s Encrypt’s TLS certificates for my 3rd level domains (I have roughly 200 of them), which I use internally in my organisations.

What I am planning to do is to point all those domains to a single public IP for the external world (through DNS Split Horizon) and then do the HTTP validation for getting the certificate.

Now, my question is whether Let’s Encrypt will consider it as spam (or malicious activity), as I am pointing 200 domains to the same IP (and the said domains may be down afterwards from the public internet).

Thanks,
Gaurav Kansal

It’s fine. You could do it with thousands of domains.

Check out the rate limiting documentation and integration guide.

https://letsencrypt.org/docs/rate-limits/

https://letsencrypt.org/docs/integration-guide/

3 Likes

A key point in that documentation is that you should try to combine these into a small number of certificates that cover many subdomains, rather than a large number of certificates that cover few subdomains. The rate limits allow you only 20 certificates per week, but each certificate can cover 100 subdomains, so you can cover up to 2000 new subdomains per week. (In that case you also need to be careful to perform any new issuances before any renewals, because the renewals are not restricted by the rate limits, but do count against them.)

2 Likes
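The batching and ordering advice in the reply above, as an added Python sketch (not part of the thread and not Let's Encrypt code). The two limits are the figures quoted in that reply; the hostnames, the function names and the simplified model of the limit (a new order is refused once the weekly count is reached, a renewal is always accepted but still counted) are assumptions made for illustration.

```python
from dataclasses import dataclass

MAX_NAMES_PER_CERT = 100  # figure quoted in the reply above
MAX_CERTS_PER_WEEK = 20   # figure quoted in the reply above


@dataclass(frozen=True)
class Order:
    kind: str     # "new" or "renewal"
    names: tuple  # hostnames covered by this certificate


def chunk(names, size=MAX_NAMES_PER_CERT):
    """Normalise and de-duplicate hostnames, then split them into SAN lists."""
    clean = sorted({n.strip().lower().rstrip(".") for n in names if n.strip()})
    return [tuple(clean[i:i + size]) for i in range(0, len(clean), size)]


def plan_week(new_names, renewals_due):
    """Order the week's work: all new certificates first, renewals last."""
    orders = [Order("new", batch) for batch in chunk(new_names)]
    orders += [Order("renewal", tuple(sorted(r))) for r in renewals_due]
    return orders


def simulate(orders, already_issued=0):
    """Replay orders against the assumed model of the weekly limit."""
    issued, accepted, rejected = already_issued, [], []
    for order in orders:
        if order.kind == "new" and issued >= MAX_CERTS_PER_WEEK:
            rejected.append(order)  # a new order is refused once the count is reached
            continue
        accepted.append(order)      # a renewal always passes but still counts
        issued += 1
    return accepted, rejected


# Constructed sample data: 200 internal hostnames that need a first certificate,
# plus 19 existing certificates that fall due for renewal in the same week.
NEW_NAMES = [f"host{i:03d}.example.org" for i in range(200)]
RENEWALS = [{f"old{i:02d}.example.org"} for i in range(19)]

if __name__ == "__main__":
    plan = plan_week(NEW_NAMES, RENEWALS)
    print("new first:     ", len(simulate(plan)[1]), "rejected")
    renewals_first = sorted(plan, key=lambda o: o.kind != "renewal")
    print("renewals first:", len(simulate(renewals_first)[1]), "rejected")
```

With the sample data, issuing the two new 100-name certificates first lets every order through, while running the 19 renewals first leaves room for only one of the two new certificates.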
